COMPUTER-IMPLEMENTED METHOD AND COMPUTER PROGRAM PRODUCT FOR THE ACCESS CONTROL OF A TERMINAL
The invention relates to a computer-implemented method and to a computer program product for the access control of a terminal, private data and other data being stored on the terminal and access to the private data being able to be limited or unlimited, comprising the following steps in the case of unlimited access: capturing an image signal by means of a camera of the terminal; performing a face detection process by means of the captured image signal; and continuously monitoring the number of faces in the captured image signal, which number of faces is determined in the face detection process, the access being limited if the number of faces is greater than one.
The invention relates to a computer-implemented method for the access control of a terminal, private data and other data being stored on the terminal and access to the private data being able to be limited or unlimited, comprising the following steps in the case of unlimited access: capturing an image signal by means of a camera of the terminal and performing a face detection process by means of the captured image signal.
The terminal can be a computer, a terminal device, in particular, a mobile terminal, e.g. a smartphone or a tablet computer. In this connection, private data include data that are marked as private, stored on the terminal or received and intermediately stored by the terminal. For example, a contact from an address book of a smartphone can be marked as private (a private contact) and, by means of this, all the data associated with the contact marked as private (e.g. contact information, chat displays, call signalling, location, etc.) are also automatically marked as private. Typically, such private data are locally stored on the terminal and are fully encrypted. This can make it difficult to bypass or circumvent the access control.
In this connection, a face detection process is understood as a known image analysis method. Such methods are frequently used for localizing a face in an image (face localization), for example in digital cameras. In this connection, the position of the faces is only of minor importance. The face detection process essentially designates an automatic detection (in terms of a determination, not an identification) of one or a plurality of faces in an image. This normally is made possible on the basis of movement, typical shapes (oval) and colours (skin pigments) and/or detection and evaluation of the arrangement and distance of the eyes. In contrast to this, face identification relates to an assignment of a face to a certain person. Face identification is a biometric method and can, for example, be used as a biometric factor for the authentication of people. Thereby, for example, biometric features of a face are compared with the stored features of a known face and the identity of the person is confirmed in the event of a match. The term face detection can mean both a face detection process as well as face identification and will therefore be avoided to a great extent in the following.
The access control essentially controls what data a user has access to and, in particular, what data are visible for the user in general. A typical access control system differentiates between a blocked access (access deactivation), which is characterized in that the blocked data are not visible, and unlimited access. The access deactivation can, for example, be a screen lock, which can only be cancelled by means of an authentication of the user. In the case of access deactivation, the access to all data (i.e. private and other data) is blocked on the terminal. Accordingly, in the case of an active access deactivation, none of the data stored on the terminal are generally visible. In any case, public status information (e.g. time, received signal, etc.) is displayed despite an active access deactivation, thereby being visible.
Such an access control is known from U.S. Pat. No. 8,370,639 B2 for example. In it, a method for authentication and continuous tracking of a user (e.g. of a mobile telephone) by means of face recognition is described. The face recognition can be initialized by entering other authentication characteristics, for example, of a password. However, in the case of this access control, no differentiation is made between blocked and limited or between limited and unlimited access: as soon as and as long as a user can be authenticated, there is unlimited access. A second user who stays in the vicinity of the terminal thereby receives essentially the same unlimited access as the authorized user. In particular, all displayed data can be read by others.
A similar method is also shown in U.S. Pat. No. 8,660,322 B. In the case of this method, access is blocked if the user leaves the field of view of a camera; as soon as he/she is detected again, unlimited access is granted again. Also here, no limited access is provided.
It is the object of the invention to protect private data from being spied on and read by others.
In the case of the method of the aforementioned type according to the invention, the number of faces detected in the detected image signal during the face detection process is continuously monitored, wherein access is limited if the number of faces is greater than one. Thereby, it can be ensured that the unlimited access is only granted for as long as only one person is detected in the field of view of the camera (i.e. the region that the camera detects). As soon as the face of a second person enters into the field of view of the camera, the access is limited, meaning the terminal is changed over to limited access. Afterwards, the users of the terminal continue to have access to the other data that are not marked as private that are stored on the terminal. In this way, it is made difficult for a second person to spy on the private data. For example, private contacts and all indications of the communication with private contacts are kept confidential from other people than the authorized user of the terminal. The marking of data as private is carried out by the user and is stored on the terminal. For example, the user can mark an existing contact as “private” or he/she creates a new contact with the indication “private”. Subsequently, the terminal treats all data linked to this contact as private data, e.g. earlier calls, text messages, e-mails, chat messages, the contact information itself or images or videos linked to the contact.
If the terminal comprises a screen for displaying private and other data, it is particularly favourable if the private data are fully hidden in the case of limited access and only the other data are displayed. That means the access to the private data is not only limited by making it unidentifiable, but in a way that, in the case of limited access, no indication of the existence of this data is evident. In particular, unauthorized users should not recognize that they only have limited access.
In this connection, it has been shown to be favourable if, in the case of unlimited access, a visual indication of unlimited access is displayed. Thereby, in the case of unlimited access, a user can recognize that, now, both other data as well as private data are displayed and that he/she thereby has fully free access to all data. The visual indication can, for example, be a green frame on the screen. A limited access can be recognized by the authorized user by the visual indication not being present; the limited access cannot be recognized by the non-authorized user however, because this user does not know or expect the visual indication.
Preferably, in the case of limited access, events pertaining to private data are displayed on the screen in a limited (e.g. censored) form. This function should make it possible for events in connection with private data (e.g. a message from a private contact) to be pointed out to the user even in the case of limited access (e.g. if the terminal is not used or is not used alone). For example, a call from a private contact can be displayed as an “unknown number” if a smartphone openly lies on the table for example.
With regard to starting continuous analysis, it is favourable if an authentication of a user is performed in order to obtain unlimited access, wherein, before the unlimited access is granted, an image signal is captured using the camera of the terminal, a face detection process is carried out with the captured image signal and a determination of the number of faces in the captured image signal is carried out, wherein the granting of access only takes place if the number of faces is exactly one. Even in the event of successful authentication, unlimited access is only granted if no observers and potential co-readers are detected.
In this context, it is particularly favourable if authentication includes biometric authentication, in particular, face identification and/or iris identification. In this case, authentication and the number of faces can be performed on the basis of the same image data. In addition or as an alternative, other factors can of course also be used for authentication, e.g. a password or a fingerprint.
In a preferred variant of the present invention, the face identification can be repeated regularly or randomly in parallel with the analysis of the number of faces. This makes it possible to ensure that an unauthorized user who appears in the camera's field of view at the same time the authorized user leaves the camera's field of view does not obtain unlimited access.
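The access states and transitions described above can be sketched as a small state machine; this is an added example, not code from the application. The names `Frame`, `Item` and `AccessController` are hypothetical, the face detection process is replaced by constructed per-frame results, and limiting access after a failed repeat identification is an assumption, since the text does not name the resulting state.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional

class Access(Enum):
    BLOCKED = 0    # access deactivation: no stored data visible
    LIMITED = 1    # private data hidden, other data shown
    UNLIMITED = 2  # everything shown, plus the visual indication

@dataclass
class Frame:  # constructed stand-in for one analysed camera frame
    faces: int                          # count from the face detection process
    owner_match: Optional[bool] = None  # face identification result; None = not run

@dataclass
class Item:   # constructed stand-in for something the screen could show
    text: str
    private: bool = False
    censored: Optional[str] = None      # limited-access form of a private event

class AccessController:
    def __init__(self):
        self.state = Access.BLOCKED

    def authenticate(self, frame: Frame) -> Access:
        # Unlimited access needs a successful identification AND exactly one face.
        if frame.owner_match is True and frame.faces == 1:
            self.state = Access.UNLIMITED
        return self.state

    def monitor(self, frame: Frame) -> Access:
        # Continuous check while unlimited: more than one face limits access.
        # Assumption: a failed repeat identification is handled the same way.
        if self.state is Access.UNLIMITED and (
                frame.faces > 1 or frame.owner_match is False):
            self.state = Access.LIMITED
        return self.state

    def render(self, items):
        if self.state is Access.BLOCKED:
            return {"indicator": False, "lines": []}
        if self.state is Access.UNLIMITED:
            return {"indicator": True, "lines": [i.text for i in items]}
        # Limited: private items vanish; private events appear only censored.
        lines = [i.text if not i.private else i.censored
                 for i in items if not i.private or i.censored]
        return {"indicator": False, "lines": lines}
```

Once limited, the sketch returns to unlimited access only through `authenticate` with exactly one face in view, which mirrors the grant condition in the text.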
The invention is explained below on the basis of particularly preferred exemplary embodiments, to which it should not be limited, and will be further explained with reference to the drawings. In detail, the figures show:
On the basis of unlimited access 1 (cf.
If the terminal comprises a screen for displaying private and other data, the private data are fully hidden in the case of limited access and only the other data are displayed. In the case of unlimited access, a visual indication of unlimited access is displayed on the screen in the form of a coloured (e.g. green) frame. Preferably, in the case of limited access, if an event pertaining to private data occurs, the event is displayed on the screen in a limited (e.g. censored) form.
In accordance with a further variant of the method according to the invention, a biometric authentication of a user using a face identification and, optionally, an iris identification can be carried out to obtain unlimited access. Before granting unlimited access, an image signal is captured using the camera of the terminal, a face detection process is carried out using the captured image signal and the number of faces in the captured image signal is determined. Subsequently, granting unlimited access only occurs if the number of faces is exactly one.
In
As soon as more than one face is detected in the image signal of a camera in the context of the method according to the invention carried out on the terminal 10, the terminal 10 switches over to a state with limited access. This state is shown in
A second use case is shown in
Claims
1. Computer-implemented method for the access control of a terminal, private data and other data being stored on the terminal and access to the private data being able to be limited or unlimited, comprising the following steps in the case of unlimited access (1):
- capturing (2) an image signal by means of a camera of the terminal;
- performing (3) a face detection process with the captured image signal;
- and characterized by
- continuous monitoring (4) of the number of faces detected in the detected image signal during the face detection process, wherein access is limited (5) if the number of faces is greater than one.
2. Method according to claim 1, wherein the terminal comprises a screen for displaying private and other data, characterized in that the private data are fully hidden in the case of limited access (5) and only the other data are displayed.
3. Method according to claim 2, characterized in that, in the case of unlimited access (1), a visual indication of unlimited access is displayed.
4. Method according to claim 2 or 3, characterized in that, in the case of limited access (5), events pertaining to private data are displayed on the screen in a limited (e.g. censored) form.
5. Method according to one of the claims 1 to 4, characterized in that, an authentication of a user is performed in order to obtain unlimited access (1), wherein, before the unlimited access (1) is granted, an image signal is captured using the camera of the terminal, a face detection process is carried out using the captured image signal and a determination of the number of faces in the captured image signal is carried out, wherein unlimited access is only granted if the number of faces is exactly one.
6. Method according to claim 5, characterized in that the authentication comprises biometric authentication, in particular, face identification and/or iris identification.
7. Computer program product that can be loaded directly into the internal memory of a digital computer and comprises software code sections, by means of which the steps are carried out according to one of claims 1 to 6 when the computer program is running on a computer.
Type: Application
Filed: Jun 15, 2018
Publication Date: Jun 11, 2020
Inventor: Peter WANECK (Oberaegeri)
Application Number: 16/623,359